detecting-malicious-scheduled-tasks-with-sysmon

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted Windows Event Log data via scripts/agent.py, which extracts command lines and task content. This content is then presented to the agent, creating a surface where malicious instructions embedded in the logs could potentially influence the agent's behavior.
      ◦ Ingestion points: scripts/agent.py:parse_evtx_xml reads XML files from the filesystem provided via command-line arguments.
      ◦ Boundary markers: Extracted log content is displayed without specific delimiters or instructions for the agent to ignore embedded commands.
      ◦ Capability inventory: The skill is restricted to local file reading and console output; it does not contain built-in subprocess execution, shell commands, or network access.
      ◦ Sanitization: Extracted content is truncated for display length but not specifically sanitized or escaped for prompt safety, relying on the agent's internal guardrails for processed data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 20, 2026, 11:04 PM